Many resources, such as data, applications, and services, are available over the Internet to allow users to access the resources remotely. When the resources are security-sensitive, authentication procedures are commonly implemented to ensure that only properly-authenticated individuals are able to access the secure resources. Authentication is often performed by requiring users each to enter a username and password. In some systems, additional factors may be considered when authenticating users.
In one conventional system, a mobile device operated by a user sends its current location information, as determined by using the Global Positioning System (GPS) running on the mobile device, to an authentication server during an authentication process. The authentication process is then able to include the mobile device's location in assessing the user's authenticity. For example, the authentication process may reject authentication requests received from the mobile device when the mobile device is outside a predetermined area.